[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#298138: marked as done (ssh: PermitRootLogin should defaul to "no")

Your message dated Sat, 5 Mar 2005 01:41:21 +0000
with message-id <[🔎] 16937.3649.122854.502193@rapun.sel.cam.ac.uk>
and subject line Bug#298138: ssh: PermitRootLogin should defaul to "no"
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

Received: (at submit) by bugs.debian.org; 4 Mar 2005 23:19:01 +0000
>From kink@squirrelmail.org Fri Mar 04 15:19:01 2005
Return-path: <kink@squirrelmail.org>
Received: from warp.os9.nl [] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1D7M4T-0006H0-00; Fri, 04 Mar 2005 15:19:01 -0800
Received: by warp.os9.nl (Postfix, from userid 1001)
	id 0CDCBE6AF5; Sat,  5 Mar 2005 00:18:59 +0100 (CET)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Thijs Kinkhorst <kink@squirrelmail.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: ssh: PermitRootLogin should defaul to "no"
X-Mailer: reportbug 3.8
Date: Sat, 05 Mar 2005 00:18:59 +0100
Message-Id: <[🔎] 20050304231859.0CDCBE6AF5@warp.os9.nl>
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02

Package: ssh
Version: 1:3.8.1p1-8.sarge.4
Severity: wishlist


On a recent new install, I noticed that sshd had the PermitRootLogin
option set to Yes by default. From a security standpoint, being secure by
default, it would be better to default this option to No.

Thijs Kinkhorst

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages ssh depends on:
ii  adduser                     3.59         Add and remove users and groups
ii  debconf               Debian configuration management sy
ii  dpkg                        1.10.27      Package maintenance system for Deb
ii  libc6                       2.3.2.ds1-20 GNU C Library: Shared libraries an
ii  libpam-modules              0.76-22      Pluggable Authentication Modules f
ii  libpam-runtime              0.76-22      Runtime support for the PAM librar
ii  libpam0g                    0.76-22      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7e-2     SSL shared libraries
ii  libwrap0                    7.6.dbs-6    Wietse Venema's TCP wrappers libra
ii  zlib1g                      1:1.2.2-3    compression library - runtime

-- debconf information excluded

Received: (at 298138-done) by bugs.debian.org; 5 Mar 2005 01:41:26 +0000
>From matthew@pick.ucam.org Fri Mar 04 17:41:26 2005
Return-path: <matthew@pick.ucam.org>
Received: from ppsw-3.csi.cam.ac.uk [] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1D7OIH-0004qA-00; Fri, 04 Mar 2005 17:41:26 -0800
Received: from rapun.sel.cam.ac.uk ([]:1647)
	by ppsw-3.csi.cam.ac.uk (ppsw.cam.ac.uk []:25)
	with esmtp id 1D7OIF-0001Z8-9t (Exim 4.44)
	(return-path <matthew@pick.ucam.org>); Sat, 05 Mar 2005 01:41:23 +0000
Received: from matthew by rapun.sel.cam.ac.uk with local (Exim 3.35 #1 (Debian))
	id 1D7OID-0002Hj-00; Sat, 05 Mar 2005 01:41:21 +0000
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <[🔎] 16937.3649.122854.502193@rapun.sel.cam.ac.uk>
Date: Sat, 5 Mar 2005 01:41:21 +0000
From: Matthew Vernon <matthew@sel.cam.ac.uk>
To: Thijs Kinkhorst <kink@squirrelmail.org>,
Cc: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#298138: ssh: PermitRootLogin should defaul to "no"
In-Reply-To: <[🔎] 20050304231859.0CDCBE6AF5@warp.os9.nl>
References: <[🔎] 20050304231859.0CDCBE6AF5@warp.os9.nl>
X-Mailer: VM 7.18 under Emacs 21.2.1
Sender: Matthew Vernon <matthew@pick.ucam.org>
X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/
X-Cam-AntiVirus: No virus found
X-Cam-SpamDetails: Not scanned
Delivered-To: 298138-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-5.0 required=4.0 tests=BAYES_01,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-CrossAssassin-Score: 2

Thijs Kinkhorst writes:


Please read README.Debian before submitting your bug reports - this is
good practice for any package, not just ssh.


Rapun.sel - outermost outpost of the Pick Empire

Reply to: